CN118282605A - Data transmission method and system based on fragmentation obfuscation - Google Patents

Data transmission method and system based on fragmentation obfuscation Download PDF

Info

Publication number
CN118282605A
CN118282605A CN202410373652.3A CN202410373652A CN118282605A CN 118282605 A CN118282605 A CN 118282605A CN 202410373652 A CN202410373652 A CN 202410373652A CN 118282605 A CN118282605 A CN 118282605A
Authority
CN
China
Prior art keywords
file
data
obfuscation
consistency
confusion
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202410373652.3A
Other languages
Chinese (zh)
Inventor
罗强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBC filed Critical Industrial and Commercial Bank of China Ltd ICBC
Priority to CN202410373652.3A priority Critical patent/CN118282605A/en
Publication of CN118282605A publication Critical patent/CN118282605A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/02Topology update or discovery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • H04L67/1074Peer-to-peer [P2P] networks for supporting data block transmission mechanisms
    • H04L67/1078Resource delivery mechanisms
    • H04L67/108Resource delivery mechanisms characterised by resources being split in blocks or fragments
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The application provides a data transmission method and a system based on fragment confusion, which relate to the field of blockchain networks and can be applied to the financial field and other fields, wherein the method comprises the following steps: generating a plurality of file fragments with a file object tree structure by file fragments according to the received secret state file; performing privacy homomorphic confusion encryption processing on the piece of data generated by the file piece through the file piece confusion parameter to obtain confusion data, and performing piece confusion consistency algorithm on the confusion data through the file piece confusion consistency parameter to perform piece confusion consistency assessment; searching the latest transmission route in the decentralised storage network according to the consistency evaluation result, and transmitting the confusion data to a target storage node for storage according to the transmission route.

Description

Data transmission method and system based on fragment confusion
Technical Field
The application relates to the field of blockchain networks, which can be applied to the financial field and other fields, in particular to a data transmission method and system based on fragment confusion.
Background
The development of the internet has improved the communication between users around the world, promoting new economic development with data file exchange as a carrier. The current industry greatly increases the concurrency of file transmission by a file slicing technology, but brings potential safety hazards of transmission consistency, in an decentralized environment constructed by the Internet, large file transmission is generally carried out in an encryption mode, a receiver gathers and decrypts encrypted files at a target node after obtaining keys, and since file aggregation is completed at the target node, the consistency and the integrity of file slicing and file aggregation are required to be verified, the whole process is time-consuming and labor-consuming, the problems of poor consistency verification effect, low safety and the like exist, the safety and the stability of user data are seriously influenced, the expansion of industry application is prevented, and an efficient and safe data consistency verification method for slicing is urgently required to be provided.
The file slicing transmission technology is used as a concurrent transmission architecture model applied to a decentralization network and is increasingly applied to a blockchain real storage system, and is particularly suitable for being applied to environments for storing and transmitting large files on a chain, however, the wide area network transmission large files have the problems of poor safety, low consistency verification efficiency and the like: firstly, the security is poor, after the large file is fragmented, the transmission process is easy to be acquired by an eavesdropper, and the original data information is recovered through reverse engineering, so that the risk of information leakage is increased; secondly, the consistency checking efficiency is bottleneck, and no effective method exists for data loss and tampering in the transmission process, so that the paid processing cost is high, but the effect is not ideal. In view of this, there is a need to provide a high-efficiency and disaster-backup-safety data consistency verification method for link-up and link-down coordination, which ensures that large file data fragments can be decomposed and combined according to the needs of users when the large file data fragments are transmitted through a decentralized network, so as to avoid data loss and malicious damage, thereby realizing high-efficiency transmission of data files and enterprise-level data safety to a greater extent.
Disclosure of Invention
The application aims to provide a data transmission method and system based on fragment confusion, which solve the problems of fragment security and consistency recovery of large file data transmission in a decentralization environment.
In order to achieve the above object, the data transmission method based on fragment confusion provided by the present application specifically includes: generating a plurality of file fragments with a file object tree structure by file fragments according to the received secret state file; performing privacy homomorphic confusion encryption processing on the piece of data generated by the file piece through the file piece confusion parameter to obtain confusion data, and performing piece confusion consistency algorithm on the confusion data through the file piece confusion consistency parameter to perform piece confusion consistency assessment; searching the latest transmission route in the decentralised storage network according to the consistency evaluation result, and transmitting the confusion data to a target storage node for storage according to the transmission route.
In the above data transmission method based on fragment confusion, optionally, the received encrypted file includes: and analyzing the file sharing request provided by the user to obtain a shared file, and encrypting and signing the shared file through a symmetric key to generate ciphertext data.
In the above data transmission method based on fragment confusion, optionally, the method further includes: generating key data according to a file fragment confusion consistency parameter request provided by a user, and encrypting the file fragment confusion consistency parameter in the file fragment confusion consistency parameter request through the key data to obtain secret state data; and generating a symmetric key according to the key data, the secret state data and the user identity information carried in the file fragment confusion consistency parameter request.
In the above data transmission method based on the shard confusion, optionally, executing the shard confusion consistency algorithm through the file shard confusion consistency parameter to evaluate the shard confusion consistency of the confusion data further includes: acquiring file identification of the encrypted file in the decentralised storage network according to the file fragment confusion consistency parameter; generating a corresponding block through the segmentation confusion consistency evaluation result, the file identification and the file segmentation confusion parameters; and storing the block into a blockchain network through an asynchronous calling function.
In the above data transmission method based on fragment confusion, optionally, searching the latest transmission route in the decentralised storage network according to the consistency evaluation result includes: and acquiring a node identifier by using a Kad Mira algorithm, and searching the latest transmission route in the decentralised storage network by taking the node identifier as an input parameter.
In the above data transmission method based on fragment confusion, optionally, generating a plurality of file fragments with a file object tree structure by file fragments according to the received encrypted file includes: dividing the encrypted file into a plurality of file fragments with preset lengths by a file fixed fragmentation method; the data of the file fragments are connected with each other to form a file object tree structure.
The application also provides a data transmission device based on the segmentation confusion, which comprises a segmentation module, a confusion operation module and a transmission module; the slicing module is used for generating a plurality of file slices with a file object tree structure by file slicing according to the received secret state file; the confusion operation module is used for carrying out privacy homomorphic confusion encryption processing on the piece of data generated by the file piece through the file piece confusion parameter to obtain confusion data, and carrying out piece confusion consistency algorithm on the confusion data through the file piece confusion consistency parameter to carry out piece confusion consistency assessment; the transmission module is used for searching the nearest transmission route in the decentralised storage network according to the consistency evaluation result, and transmitting the confusion data to a target storage node for storage according to the transmission route.
The application also provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the above method when executing the computer program.
The present application also provides a computer readable storage medium storing a computer program for executing the above method.
The application also provides a computer program product comprising a computer program/instruction which, when executed by a processor, implements the steps of the above method.
The beneficial technical effects of the application are as follows: the method also combines the characteristics of data slicing and safe access, establishes a strategy of slicing confusion and multipoint transmission based on homomorphic decryption, improves the safety of data slicing, and increases the reliability and efficiency of file slicing transmission at the same time, thereby reducing the data loss fault in unstable environments of file data. The method is suitable for executing large file transmission in a decentralization environment, and effectively solves the problems of efficiency and reliability of the large file transmission process.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate and together with the description serve to explain the application. In the drawings:
Fig. 1 is a flow chart of a data transmission method based on fragment confusion according to an embodiment of the application;
FIG. 2 is a schematic diagram of a symmetric key generation process according to an embodiment of the present application;
FIG. 3 is a block diagram illustrating a block chain generation block flow according to one embodiment of the present application;
FIG. 4 is a flowchart illustrating a file slicing process according to an embodiment of the present application;
fig. 5 is a schematic diagram of an application scenario of a data transmission device based on fragment confusion according to an embodiment of the present application;
FIG. 6 is a schematic diagram of a data consistency check service flow based on fragment confusion according to an embodiment of the present application;
FIG. 7 is a schematic diagram of a data consistency check hierarchy based on fragment confusion according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of a service gateway node according to an embodiment of the present application;
FIG. 9 is a block chain node according to one embodiment of the present application;
FIG. 10 is a schematic diagram illustrating a structure of a decentralised storage node according to an embodiment of the present application;
fig. 11 is a schematic structural diagram of an electronic device according to an embodiment of the application.
Detailed Description
The following will describe embodiments of the present application in detail with reference to the drawings and examples, thereby solving the technical problems by applying technical means to the present application, and realizing the technical effects can be fully understood and implemented accordingly. It should be noted that, as long as no conflict is formed, each embodiment of the present application and each feature of each embodiment may be combined with each other, and the formed technical solutions are all within the protection scope of the present application.
Additionally, the steps illustrated in the flowcharts of the figures may be performed in a computer system such as a set of computer executable instructions, and although a logical order is illustrated in the flowcharts, in some cases the steps illustrated or described may be performed in an order other than that herein.
Referring to fig. 1, the data transmission method based on fragment confusion provided in the present application specifically includes:
s101, generating a plurality of file fragments with a file object tree structure by file fragments according to the received secret state file;
S102, carrying out privacy homomorphic confusion encryption processing on the piece of data generated by file piece-dividing according to the file piece-dividing confusion parameters to obtain confusion data, and carrying out piece-dividing confusion consistency evaluation on the confusion data by executing a piece-dividing confusion consistency algorithm according to the file piece-dividing confusion consistency parameters;
S103, searching the latest transmission route in the decentralised storage network according to the consistency evaluation result, and transmitting the confusion data to a target storage node for storage according to the transmission route.
In the above embodiment, the confusion data mainly depends on a fragment confusion technology, which is a method for confusion of data fragments, and the confusion fragments generated by the method cannot be recovered through reverse engineering, so that information leakage caused by reverse engineering recovery is prevented, and the security of the information processing process is improved. The privacy homomorphism is to encrypt data and then operate the encrypted data, and the operation result is the same as the homomorphism decryption result. The shard confusion consistency assessment refers to assessing whether the associated data is correct and complete. Data consistency for distributed data transmission generally refers to the fact that the correctness and integrity of the data before and after transmission are the same, and the interoperability properties remain consistent.
In statistics, consistency or consistency and proclivity monitoring normalization represented by the consistency assessment are two most important properties in large sample data, and as the sample size is infinitely increased, estimation errors can be arbitrarily small in a certain sense, namely estimation amount distribution is more and more concentrated near the estimated authenticity of the parameters. Assuming that an integer is independently divided into different prime numbers and that the prime number selection is independent, random, let B be a positive integer, if the integer sequence c 1,...,cn is extracted from the interval (0, B), the consistency measure satisfies the following probability formula:
Wherein, As a Riemann zeta function, expressed as:
the principle of privacy homomorphism is as follows: if a function f Z/nZ.fwdarw.Z/mZ satisfies the following condition, namely: for any two data sets [ x ], [ y ] ∈Z/nZ, the following is satisfied:
f([x]+[y])=f([x])+f([y]);
then it is called Z/nZ.fwdarw.Z/mZ as homomorphism confusion from Z/nZ to Z/mZ.
Homomorphic confusion deduction: from the homomorphic obfuscated form, it is easy to deduce that the following relationship holds:
(1)f([0]n)=[0]m
(2)f([x]-[y])=f([x])-f([y])
f ([ x ] [ y ])=f ([ x ]) f ([ y ]), and thus f ([ x ] n)=[x]mf([1]n).
The specific application logic for confusion and fragmentation will be described in detail in the following embodiments and will not be described in detail here.
In one embodiment of the present application, the received encrypted file may include: and analyzing the file sharing request provided by the user to obtain a shared file, and encrypting and signing the shared file through a symmetric key to generate ciphertext data. Wherein the symmetric key is generated by the user through early registration, and referring specifically to fig. 2, in an embodiment of the present application, the method further includes:
S201, generating key data according to a file fragment confusion consistency parameter request provided by a user, and encrypting the file fragment confusion consistency parameter in the file fragment confusion consistency parameter request through the key data to obtain secret state data;
S202, generating a symmetric key according to the key data, the secret state data and the user identity information carried in the file fragment confusion consistency parameter request.
Specifically, in actual work, the step is mainly executed on a block chain node, and a user applies a symmetric key to the block chain node through a service gateway by a client and saves the fragment confusion consistency parameter to the block chain node; the specific flow will be described in detail in the following embodiments, and reference is made to fig. 6 and 7, which will not be described in detail here.
Referring to fig. 3, in an embodiment of the present application, performing a shard confusion consistency algorithm through the file shard confusion consistency parameter to evaluate the shard confusion consistency of the confusion data further includes:
S301, acquiring a file identifier of the encrypted file in the decentralised storage network according to the file fragment confusion consistency parameter;
s302, generating a corresponding block through a segmentation confusion consistency evaluation result, the file identification and the file segmentation confusion parameter;
S303, storing the block into a blockchain network through an asynchronous call function.
Specifically, in actual work, the part is mainly completed by block chain link points, the process generates a corresponding Cid, namely a file identifier when related contents of the secret file are stored through a decentralised storage node, and then the corresponding Cid, namely the file identifier is stored through block solidification; the construction of the blocks follows the MERKLE DAG form, assuming that the digital asset file f represents the file content of the user, cid (f) is the content identification of f, formalized as MERKLE DAG values for multiple file slices, namely:
Cid(f)=buf{code,len,name,multihash(chunk0(f),...,chunkk-1(f))}
Wherein buf represents byte array, code represents coding mode, len represents length, name represents coding name, multihash represents multiple hash coding based on MERKLEDAG form, chunk i (f) (0.ltoreq.i.ltoreq.k-1) represents file fragment of file f. Block b formalized as:
b=(block_head,{Cid(f1),...,Cid(fk)},trans,key(signnode))
Wherein block_head represents a block header, and Cid (f 1),...,Cid(fk) represents content links of the file f 1,...,fk, respectively; trans represents a transaction set for storing smart contract transaction information; a key (sign) is represented as an identifier of a signature node.
In an embodiment of the present application, searching the closest transmission route in the decentralized storage network according to the consistency evaluation result includes: and acquiring a node identifier by using a Kad Mira algorithm, and searching the latest transmission route in the decentralised storage network by taking the node identifier as an input parameter.
Specifically, in actual work, the embodiment is mainly used for searching the nearest node routing information in the decentralization environment, and realizing the rapid transfer of file fragments. The function executes the Kademlia algorithm, obtains a 160-bit node identifier (NodeID) as an input parameter, and the receiver returns the following 3-tuple information through the RPC:
(NodeID,Node_IP,UDP_port)
Wherein, nodeID represents a Node identifier, node_IP represents a Node IP address, and UDP_port represents a port of UDP. For k nodes known to the DHT, the nearest node ID is found. The nodes in the routing table are all dynamically allocated as required, and the routing tree of one node only comprises one node (generally k-bucket with k number) at the beginning, when a new routing protocol is identified, the node tries to insert the new routing protocol into the k-bucket, and if the k-bucket is full, the node splits into two k-buckets.
Referring to fig. 4, in an embodiment of the present application, generating a plurality of file fragments with a file object tree structure by file fragments according to a received encrypted file includes:
S401, dividing the encrypted file into a plurality of file fragments with preset lengths by a file fixed fragmentation method;
s402, connecting the data of the file fragments to each other to form a file object tree structure.
Specifically, in actual work, the application segments the data content of the file object, ensures that the segmented data are connected with each other to form a file object tree, and particularly adopts a file fixed segmentation method to segment the file f into file segments chunk i (f) (i is more than or equal to 1 and less than or equal to k) with the length w. The decentralised transmission network is composed of n nodes, the file fragments chunk i (f) (1.ltoreq.i.ltoreq.k) are distributed into k nodes, and m=n-k coding information is generated. This process is called the encoding process. Assuming that each node is assigned a file fragment chunk i (f) of length w (1. Ltoreq.i.ltoreq.k), the file fragments are numbered as chunk 1,chunk2,..,chunkk, and c 1,c2,...,cm represents redundant information encoding, the linear combination of which represents the following relation:
c1=a(1,0)chunk1+...+a(1,m)chunkm
c2=a(2,0)chunk1+...+a(2,m)chunkm
......
cn=a(n,0)chunk1+...+a(n,m)chunkm
The above addition+ represents exclusive or remainder addition, and the multiplication represents remainder multiplication. Wherein a (i, j) represents a co-parameter satisfying the following relation: for any c i∈Z/nZ(1≤i≤n),Z/m1Z×Z/m2Z×...×Z/mk Z, if a (i, j) (1.ltoreq.i.ltoreq.n, 1.ltoreq.j.ltoreq.m) is an integer, so that m i |na (i, j) (i=1, 2,., k), then the following function holds for [ c ] n e Z/nZ:
f([ci]n)=([a(i,1)chunk1],[a(i,2)chunk2],...,[a(i,m)chunkm])
The above formula also becomes homomorphism confusion from Z/nZ to Z/m 1Z×Z/m2Z×...×Z/mk Z.
The application also provides a data transmission device based on the segmentation confusion, which comprises a segmentation module, a confusion operation module and a transmission module; the slicing module is used for generating a plurality of file slices with a file object tree structure by file slicing according to the received secret state file; the confusion operation module is used for carrying out privacy homomorphic confusion encryption processing on the piece of data generated by the file piece through the file piece confusion parameter to obtain confusion data, and carrying out piece confusion consistency algorithm on the confusion data through the file piece confusion consistency parameter to carry out piece confusion consistency assessment; the transmission module is used for searching the nearest transmission route in the decentralised storage network according to the consistency evaluation result, and transmitting the confusion data to a target storage node for storage according to the transmission route.
Specifically, as shown in fig. 5, in actual operation, the data transmission device based on the fragment confusion is applied to a large system, and the structure thereof may include a user 1, a client 2, a service gateway 3, a Decentralised Storage (DS) node 4, a blockchain node 4, and a decentralised storage node 5.
User 1 initiates user file data upload or receives data information from the blockchain network, and user sensitive information cannot be revealed. The client 2 is responsible for initiating intelligent contract deployment requests, decentralised store transaction requests, decentralised store query requests, etc. The service gateway 3 is mainly responsible for providing an intelligent contract service interface, realizing current limiting fusing, security detection, file uploading and downloading, identity verification, security parameter setting and the like. The blockchain node 4 is the node that performs the functions of broadcasting transactions, executing transactions, verifying transactions, consensus and storing. Having the general characteristics of a blockchain. And initiating a file reading instruction through the client, and storing the transaction record after the intelligent contract of the file reading and writing certificate is executed on the blockchain. The decentralized storage node 5 is responsible for receiving a file read-write request of the service gateway, performing file data slicing, and storing transaction information to the blockchain node. The client A and the client B of the invention are respectively connected with the blockchain node through the service gateway 1 and the service gateway 2 to realize intelligent contract release, file reading and file storage.
The logical hierarchy of which can be seen with reference to fig. 7 includes a client access layer 20, a service gateway layer 21, a blockchain network 22, and a de-centralized file storage network 23. Client access layer 20: client software responsible for providing user access is convenient for initiating a request for decentralizing file transmission and receiving decentralizing transmission data. The client can issue intelligent contracts on the blockchain platform, and after the client generates the uploaded or downloaded behavior data, the client can call the intelligent contracts to initiate a transaction request, the behavior data is uploaded and submitted to channels corresponding to all scenes according to the use scenes of the client (the client can directly upload user file data). Gateway service layer 21: and the intelligent contract service API is responsible for providing a blockchain intelligent contract service API for a client, realizing the flow limiting and fusing of transactions, the uploading and downloading of files of DS nodes, the generation of content links (CIDs), and realizing intelligent contract function calling such as digital identity registration, verification, directory inquiry and update. Blockchain network 22: and triggering a preset intelligent contract logic to form a log result of the decentralization transmission. The blockchain network provides node hosting services, and local node deployment may also be provided for capable federated participants. The decentralised file storage network 23: is responsible for storing logical configuration parameters, data, service logic and the like through decentralization according to the requests of uploading, downloading, inquiring and the like submitted by the client, and simultaneously encrypting and forming file block data, wherein the hash value of the file block data is broadcast to the blockchain network 22. The scenario provider may also issue a joint operation intelligent contract through which DS node services are invoked, each blockchain node having a corresponding DS node service, the intelligent contract may specify which DS services are required for joint computation.
In the above embodiment, the service gateway node may be configured as shown in fig. 8, and includes a communication module 31, a current limiting fusing module 32, a security authentication module 33, and an API service interface 34. The communication module 31 is responsible for establishing a secure channel for the service gateway node, and implementing message transceiving such as a decentralised file storage request, an initialized secure parameter and the like. The current limit fuse module 32 is responsible for transaction current limit and fuse control in accordance with a transaction throughput configuration. The security authentication module 33 is responsible for keeping the private key and the symmetric key of the user and managing the digital identity of the user; and the system is responsible for calling a secure interface API provided by the blockchain network, and realizing user data storage, user data encryption, decryption of a encrypted file and the like. The API service interface 34 is responsible for providing blockchain smartcontract API calls, such as: file uploading, file downloading, information inquiry, security setting and the like.
The blockchain node may specifically include a communication module 41, an intelligent contract module 42, a consensus verification module 43, and a blockgeneration module 44, as shown in fig. 9. The communication module 41: and the communication interaction among the nodes is completed, and common blockchain node communication information including transaction information broadcasting, consensus related information, block synchronization information, network state information and the like is completed. Intelligent contract module 42: the method comprises the steps of being responsible for receiving a transaction request, generating a transaction unique identifier, assembling the transaction unique identifier, a contract unique identifier and calling parameters into a transaction, and broadcasting the transaction unique identifier, the contract unique identifier and the calling parameters to other nodes of a blockchain; meanwhile, the intelligent contract is compiled through the built-in compiler, so that execution of the transaction request is realized. The intelligent contract module provides data certification service, and stores the intelligent contract execution result in a block chain storage network 5 in a file form. Consensus verification module 43: is responsible for receiving transaction requests, such as consensus, invoking the intelligent contract module 43, executing intelligent contracts, and finally forming records for later audit trails or verification. Block generation module 44: for generating MERKLE DAG-based block form, let digital asset file f denote user's file content, cid (f) be content identification of f, formalize MERKLE DAG values expressed as multiple file fragments, namely:
Cid(f)=buf{code,len,name,multihash(chunk0(f),...,chunkk-1(f))}
Wherein buf represents byte array, code represents coding mode, len represents length, name represents coding name, multihash represents multiple hash coding based on MERKLEDAG form, chunk i (f) (0.ltoreq.i.ltoreq.k-1) represents file fragment of file f. Block b formalized as:
b=(block_head,{Cid(f1),...,Cid(fk)},trans,key(signnode))
Wherein block_head represents a block header, and Cid (f 1),...,Cid(fk) represents content links of the file f 1,...,fk, respectively; trans represents a transaction set for storing smart contract transaction information; a key (sign) is represented as an identifier of a signature node.
The structure of the decentralised storage node (DS node) can be seen with reference to fig. 10, which includes a communication module 51, a routing module 52, a confusion evaluation module 53, and a fragment generation module 54. The communication module 51 is responsible for establishing a secure channel for the DS node 5 to implement the decentralization storage message transceiving. The routing module 52 is responsible for executing a routing query function, searching the latest node routing information in the decentralization environment, and realizing the rapid transfer of file fragments. The function executes a Kademlia algorithm, obtains a 160-bit node identifier (NodeID) as an input parameter, and the receiver returns the following 3-tuple information by executing an RPC protocol function:
(NodeID,Node_IP,UDP_port)
Wherein, nodeID represents a Node identifier, node_IP represents a Node IP address, and UDP_port represents a port of UDP. From the known k nodes, the nearest node ID is found. The nodes in the routing table are all dynamically allocated as required, and the routing tree of one node only comprises one node (generally k-bucket with k number) at the beginning, when a new routing protocol is identified, the node tries to insert the new routing protocol into the k-bucket, and if the k-bucket is full, the node splits into two k-buckets.
The confusion evaluation module 53 is responsible for performing a confusion consistency algorithm for confusion-fragment data consistency evaluation. The basic principle of the confusion evaluation algorithm is to execute the security proof of homomorphic operation, firstly, the segmentation confusion is initialized, namely public parameters and security parameters are selected, encryption confusion processing is carried out on the segmentation data information, and reverse engineering restoration is prevented; secondly, consistency evaluation of confusion proves consistency processing before and after the confusion of the fragments, and reverse engineering spliced data fragments are prevented.
The invention adopts a file fixed slicing method to divide a file f into file slices chunk i (f) (i is more than or equal to 1 and less than or equal to k) with the length w. The decentralised transmission network is composed of n nodes, the file fragments chunk i (f) (1.ltoreq.i.ltoreq.k) are distributed into k nodes, and m=n-k coding information is generated.
The confusion consistency algorithm executed by the confusion evaluation module 53 mainly comprises the following steps:
Input: a confusing slicing sequence B [ n ] and confusing slicing sequence chunk 1′,chunk2′,..,chunkd';
and (3) outputting: consistency judgment result True or False;
algorithm steps:
stage one: initializing fragment confusion:
step 1: initializing common parameters: the common parameter is a positive integer greater than 2 and a large integer m
(. Apprxeq.10 200 or greater). m has a number of divisors (condition one) and also has a number of integers less than m to achieve modulo-m inversion (condition two); wherein condition one is satisfied by constructing m, and condition two is satisfied by iterating until m is found, ultimately bringing phi (m) close to 6 m/(pi 2) for a random number m;
Step 2: initializing secret parameters: the secret parameter is r ε Z m, such that r -1 mod m is present, and the divisor m' of m is > 1, such that s: = log m′ m is a (secret) security parameter; the size of m 'and m has some effect on security, the key being denoted as k= (r, m');
step 3: initializing fixed fragments: dividing the chunk into data fragments with the same length by adopting a fixed fragmentation method, and formally representing as follows:
chunki=chunki,1+chunki,2+...+chunki,n
Step 4: let the plaintext set be t=z m={chunk1,chunk2,..,chunkd. The set of ciphertext is T ' =z m′={chunk1′,chunk2′,..,chunkd ' }, and the set of plaintext operations F is basically formed by addition, subtraction and multiplication in T '. The set F of ciphertext operations includes the corresponding component operations in T. The privacy homomorphic transformation can be described as an encryption operation, namely: randomly splitting a e Z m into a secret T '=z m′={chunk1′,chunk2′,..,chunkd' }, such that:
and chunk'. j∈Zm′
From this calculation:
Ek(a)=(chunk′1rmodm′,chunk′2r2modm′,....,chunk′drdmodm)(1)
Stage two: confusion consistency assessment
Step 5: the encryption function with the privacy homomorphism problem is set as shown in expression (1). Let n be the number of random plaintext-ciphertext pairs known to the eavesdropper. If the r-order of all ciphertext is greater than 1, then the known key subset grows exponentially with s-n and has at least the following expected values:
where s=log m′ m.
And 6, evaluating the generated plaintext-ciphertext pairs, and verifying that the security of privacy homomorphism is not damaged by using homomorphism to derive attributes from n known pairs.
And 7, representing the maximum r-order of ciphertext in the known message pair by d. Let n known random message pairs consist of plaintext chunk i and ciphertext T '=z m′={chunk1′,chunk2′,..,chunkd' }, where i=1. The following construction shows that there are several keys consistent with n known pairs
Step 7.1: randomly selectSo thatExists. Selecting candidate numbers which are mutually equal to m, and supposing that the candidates haveAnd each.
Step 7.2: for i=1..n, n, calculation
So that
Step 7.3: find outLet it divide m and verify:
for i=1. One possibility (not the only) is:
Wherein gcd of the above formula is further simplified to: gcd 1≤i≤n(ci,m):=gcd(c1,c2,..,cn, m).
Step 7.4: if it obtainsThen go to step 7.1. Otherwise, a key consistent with the known pair has been obtainedThe process ends.
Step 8: obtained in step 7.3As a lower bound, the probability of (2) is as follows:
Step 9: if step 8 is true, then it is stated that find Return True, otherwise return False.
Based on the system structure applied by the data transmission device based on the fragment confusion, in actual work, the implementation flow of the data transmission method based on the fragment confusion mainly comprises two stages of 'initialization of the fragment confusion consistency parameter' and 'file fragment data transmission based on the fragment confusion consistency', and the implementation flow is shown in fig. 6.
Stage one: fragment confusion consistency parameter initialization:
s601, a user submits a file fragment confusion consistency parameter request, which comprises the following steps:
1. initializing common parameters: the common parameter is a positive integer greater than 2 and a large integer m
(. Apprxeq.10 200 or greater). m has a number of divisors (condition one) and also has a number of integers less than m to achieve modulo-m inversion (condition two); where condition one is satisfied by constructing m, and condition two is satisfied by iterating until m is found, ultimately such that for a random number m,Approximately 6 m/(pi 2);
2: initializing secret parameters: the secret parameter is r ε Z m, such that r -1 mod m is present, and the divisor m' of m is > 1, such that s: = log m′ m is a (secret) security parameter; the size of m 'and m has some effect on security, the key being denoted as k= (r, m');
s602, a blockchain intelligent contract algorithm is called to initialize security parameters, and the encrypted fragment confusion consistency parameters are uploaded.
S603, the service gateway invokes the blockchain intelligent contract algorithm to initialize the security parameters and the shard confusion consistency parameters.
S604, the transaction processing module receives an initialization security parameter and a fragment confusion consistency parameter certification request.
S605, executing the certificate storing processing intelligent contract, and generating a symmetric key by uplink registration of user identity, public key and fragment confusion consistency encryption information.
S606, the symmetric key is encrypted by the public key and then sent to the client for local storage.
S607 returns the client security parameter initialization success or failure information.
Stage two: file shard data transmission based on shard confusion consistency
S701, a user submits a file sharing request and submits a plaintext file f;
s702 encrypts a file f by using a symmetric key, and then signs the file f by using a private key to generate ciphertext information.
S703 calls the file sharing interface to perform file fragment confusion and data nearby transmission processing.
S704 is responsible for slicing (chunk) the encrypted file. Meanwhile, the segmented data are connected with each other to form a file object tree, and the file fixed segmentation method is adopted to segment the file f into file segments chunk i (f) (i is more than or equal to 1 and less than or equal to k) with the length of w. And calling the intelligent contract to read the file fragment confusion parameter.
S705, reading the fragment confusion consistency parameter and transmitting the fragment confusion consistency parameter to a decentralised storage node; generating file content Cid;
S706 is responsible for executing the confusion consistency algorithm for the tile confusion consistency assessment. The basic principle of the confusion evaluation algorithm is the security proof of performing homomorphic operation: firstly, initializing fragment confusion, namely selecting public parameters and security parameters, and carrying out encryption confusion processing on fragment data information to prevent reverse engineering restoration; secondly, consistency evaluation of confusion proves consistency processing before and after the confusion of the fragments, and reverse engineering spliced data fragments are prevented.
S707 performs findCloestNode functions to find the nearest file-slicing node to find the nearest transmission route in the transmission.
S708 generates a block from the data fragment confusion information.
S709 executes the multicast program libp p to transmit the file fragments to the nearby node according to the nearby access route and to the destination node by means of the nearby node.
The S710 interface provides transmission success or failure information.
S711 feeds back a file transfer success or failure message to the client.
The beneficial technical effects of the application are as follows: the method also combines the characteristics of data slicing and safe access, establishes a strategy of slicing confusion and multipoint transmission based on homomorphic decryption, improves the safety of data slicing, and increases the reliability and efficiency of file slicing transmission at the same time, thereby reducing the data loss fault in unstable environments of file data. The method is suitable for executing large file transmission in a decentralization environment, and effectively solves the problems of efficiency and reliability of the large file transmission process.
The application also provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the above method when executing the computer program.
The present application also provides a computer readable storage medium storing a computer program for executing the above method.
The application also provides a computer program product comprising a computer program/instruction which, when executed by a processor, implements the steps of the above method.
As shown in fig. 11, the electronic device 600 may further include: a communication module 110, an input unit 120, an audio processor 130, a display 160, a power supply 170. It is noted that the electronic device 600 need not include all of the components shown in FIG. 11; in addition, the electronic device 600 may further include components not shown in fig. 11, to which reference is made to the related art.
As shown in fig. 11, the central processor 100, also sometimes referred to as a controller or operational control, may include a microprocessor or other processor device and/or logic device that the central processor 100 receives inputs and controls the operation of the various components of the electronic device 600.
The memory 140 may be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable device. The information about failure may be stored, and a program for executing the information may be stored. And the central processor 100 can execute the program stored in the memory 140 to realize information storage or processing, etc.
The input unit 120 provides an input to the central processor 100. The input unit 120 is, for example, a key or a touch input device. The power supply 170 is used to provide power to the electronic device 600. The display 160 is used for displaying display objects such as images and characters. The display may be, for example, but not limited to, an LCD display.
The memory 140 may be a solid state memory such as Read Only Memory (ROM), random Access Memory (RAM), SIM card, or the like. But also a memory which holds information even when powered down, can be selectively erased and provided with further data, an example of which is sometimes referred to as EPROM or the like. Memory 140 may also be some other type of device. Memory 140 includes a buffer memory 141 (sometimes referred to as a buffer). The memory 140 may include an application/function storage 142, the application/function storage 142 for storing application programs and function programs or a flow for executing operations of the electronic device 600 by the central processor 100.
Memory 140 may also include a data store (data 143) for storing data, such as contacts, digital data, pictures, sounds, and/or any other data used by the electronic device. The driver store (driver 144) of the memory 140 may include various drivers of the electronic device for communication functions and/or for performing other functions of the electronic device (e.g., messaging applications, address book applications, etc.).
The communication module 110 is a transmitter/receiver 110 that transmits and receives signals via an antenna 111. A communication module (transmitter/receiver) 110 is coupled to the central processor 100 to provide an input signal and receive an output signal, which may be the same as in the case of a conventional mobile communication terminal.
Based on different communication technologies, a plurality of communication modules 110, such as a cellular network module, a bluetooth module, and/or a wireless local area network module, etc., may be provided in the same electronic device. The communication module (transmitter/receiver) 110 is also coupled to a speaker 131 and a microphone 132 via an audio processor 130 to provide audio output via the speaker 131 and to receive audio input from the microphone 132 to implement usual telecommunication functions. The audio processor 130 may include any suitable buffers, decoders, amplifiers and so forth. In addition, the audio processor 130 is also coupled to the central processor 100 so that sound can be recorded locally through the microphone 132 and so that sound stored locally can be played through the speaker 131.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing description of the embodiments has been provided for the purpose of illustrating the general principles of the application, and is not meant to limit the scope of the application, but to limit the application to the particular embodiments, and any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the application are intended to be included within the scope of the application.

Claims (10)

1.一种基于分片混淆的数据传输方法,其特征在于,所述方法包含:1. A data transmission method based on fragmentation obfuscation, characterized in that the method comprises: 根据接收到的密态文件通过文件分片生成多个数据彼此连接具有文件对象树结构的文件分片;Generate multiple file slices with data connected to each other and having a file object tree structure through file slices according to the received encrypted file; 通过文件分片混淆参数对文件分片生成的分片数据进行隐私同态混淆加密处理获得混淆数据,并通过文件分片混淆一致性参数执行分片混淆一致性算法对所述混淆数据进行分片混淆一致性评估;Performing privacy homomorphic obfuscation encryption processing on the shard data generated by the file sharding through the file sharding obfuscation parameters to obtain obfuscated data, and executing the sharding obfuscation consistency algorithm through the file sharding obfuscation consistency parameters to perform sharding obfuscation consistency evaluation on the obfuscated data; 根据一致性评估结果于去中心化存储网络中查找最近的传输路由,根据所述传输路由将所述混淆数据传输至目标存储节点进行存储。According to the consistency evaluation result, the nearest transmission route is found in the decentralized storage network, and the obfuscated data is transmitted to the target storage node for storage according to the transmission route. 2.根据权利要求1所述的基于分片混淆的数据传输方法,其特征在于,根据接收到的密态文件包含:2. The data transmission method based on fragmentation obfuscation according to claim 1 is characterized in that the received encrypted file contains: 根据用户提供的文件共享请求解析获得共享文件,通过对称密钥对所述共享文件加密和签名生成密文数据。The shared file is obtained by parsing the file sharing request provided by the user, and the shared file is encrypted and signed by a symmetric key to generate ciphertext data. 3.根据权利要求2所述的基于分片混淆的数据传输方法,其特征在于,所述方法还包含:3. The data transmission method based on fragmentation obfuscation according to claim 2, characterized in that the method further comprises: 根据用户提供的文件分片混淆一致性参数请求生成密钥数据,通过密钥数据对所述文件分片混淆一致性参数请求中的文件分片混淆一致性参数加密获得密态数据;Generate key data according to the file segment obfuscation consistency parameter request provided by the user, and encrypt the file segment obfuscation consistency parameter in the file segment obfuscation consistency parameter request by using the key data to obtain secret data; 根据所述密钥数据、所述密态数据和所述文件分片混淆一致性参数请求中携带的用户身份信息生成对称密钥。A symmetric key is generated according to the key data, the secret data and the user identity information carried in the file shard obfuscation consistency parameter request. 4.根据权利要求1所述的基于分片混淆的数据传输方法,其特征在于,通过文件分片混淆一致性参数执行分片混淆一致性算法对所述混淆数据进行分片混淆一致性评估还包含:4. The data transmission method based on fragmentation obfuscation according to claim 1 is characterized in that the step of executing a fragmentation obfuscation consistency algorithm to evaluate the fragmentation obfuscation consistency of the obfuscated data through file fragmentation obfuscation consistency parameters further comprises: 根据所述文件分片混淆一致性参数获取密态文件在去中心化存储网络的文件标识;Obtaining a file identifier of a secret file in a decentralized storage network according to the file shard obfuscation consistency parameter; 通过分片混淆一致性评估结果、所述文件标识和文件分片混淆参数生成对应区块;Generate a corresponding block based on the fragment obfuscation consistency evaluation result, the file identifier and the file fragment obfuscation parameter; 将所述区块通过异步调用函数存储至区块链网络。The block is stored in the blockchain network through an asynchronous call function. 5.根据权利要求1所述的基于分片混淆的数据传输方法,其特征在于,根据一致性评估结果于去中心化存储网络中查找最近的传输路由包含:5. The data transmission method based on shard obfuscation according to claim 1 is characterized in that searching for the nearest transmission route in the decentralized storage network according to the consistency evaluation result comprises: 通过卡德米拉算法获取节点标识,以所述节点标识作为输入参数于去中心化存储网络中查找最近的传输路由。The node identification is obtained through the Cadmira algorithm, and the node identification is used as an input parameter to find the nearest transmission route in the decentralized storage network. 6.根据权利要求1所述的基于分片混淆的数据传输方法,其特征在于,根据接收到的密态文件通过文件分片生成多个数据彼此连接具有文件对象树结构的文件分片包含:6. The data transmission method based on fragmentation obfuscation according to claim 1 is characterized in that the file fragments generated by file fragmentation according to the received encrypted file have a plurality of data connected to each other and have a file object tree structure, including: 通过文件固定分片方法将所述密态文件分割为预设长度的多个文件分片;Dividing the encrypted file into a plurality of file segments of preset lengths by a fixed file segmentation method; 所述文件分片的数据彼此连接构成文件对象树结构。The data of the file segments are connected to each other to form a file object tree structure. 7.一种基于分片混淆的数据传输装置,其特征在于,所述装置包含分片模块、混淆运算模块和传输模块;7. A data transmission device based on fragmentation obfuscation, characterized in that the device comprises a fragmentation module, an obfuscation operation module and a transmission module; 所述分片模块用于根据接收到的密态文件通过文件分片生成多个数据彼此连接具有文件对象树结构的文件分片;The slicing module is used to generate a plurality of file slices having a file object tree structure and data connected to each other according to the received encrypted file through file slicing; 所述混淆运算模块用于通过文件分片混淆参数对文件分片生成的分片数据进行隐私同态混淆加密处理获得混淆数据,并通过文件分片混淆一致性参数执行分片混淆一致性算法对所述混淆数据进行分片混淆一致性评估;The obfuscation operation module is used to perform privacy homomorphic obfuscation encryption processing on the shard data generated by the file shards through the file shard obfuscation parameters to obtain obfuscated data, and to perform shard obfuscation consistency evaluation on the obfuscated data by executing the shard obfuscation consistency algorithm through the file shard obfuscation consistency parameters; 所述传输模块用于根据一致性评估结果于去中心化存储网络中查找最近的传输路由,根据所述传输路由将所述混淆数据传输至目标存储节点进行存储。The transmission module is used to find the nearest transmission route in the decentralized storage network according to the consistency evaluation result, and transmit the obfuscated data to the target storage node for storage according to the transmission route. 8.一种电子设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,其特征在于,所述处理器执行所述计算机程序时实现权利要求1至6任一所述方法。8. An electronic device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements any one of the methods of claims 1 to 6 when executing the computer program. 9.一种计算机可读存储介质,其特征在于,所述计算机可读存储介质存储有由计算机执行权利要求1至6任一所述方法的计算机程序。9. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program for executing the method according to any one of claims 1 to 6 by a computer. 10.一种计算机程序产品,包括计算机程序/指令,其特征在于,该计算机程序/指令被处理器执行时实现权利要求1至6任一所述方法的步骤。10. A computer program product, comprising a computer program/instruction, characterized in that when the computer program/instruction is executed by a processor, the steps of the method according to any one of claims 1 to 6 are implemented.
CN202410373652.3A 2024-03-29 2024-03-29 Data transmission method and system based on fragmentation obfuscation Pending CN118282605A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410373652.3A CN118282605A (en) 2024-03-29 2024-03-29 Data transmission method and system based on fragmentation obfuscation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410373652.3A CN118282605A (en) 2024-03-29 2024-03-29 Data transmission method and system based on fragmentation obfuscation

Publications (1)

Publication Number Publication Date
CN118282605A true CN118282605A (en) 2024-07-02

Family

ID=91636376

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410373652.3A Pending CN118282605A (en) 2024-03-29 2024-03-29 Data transmission method and system based on fragmentation obfuscation

Country Status (1)

Country Link
CN (1) CN118282605A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118827245A (en) * 2024-09-19 2024-10-22 深圳市一航网络信息技术有限公司 A decentralized distributed IM system and method
CN119228393A (en) * 2024-08-21 2024-12-31 湖南三湘银行股份有限公司 A method for protecting supply chain procurement relationship chain data
CN119450458A (en) * 2024-11-15 2025-02-14 长光卫星技术股份有限公司 A satellite data secure transmission method based on intersatellite link
CN119484037A (en) * 2024-10-24 2025-02-18 华东师范大学 A method for supporting secure transmission and verification of large data files in a cloud environment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10289816B1 (en) * 2018-06-08 2019-05-14 Gsfm Llc Methods, systems, and devices for an encrypted and obfuscated algorithm in a computing environment
CN111064579A (en) * 2019-12-11 2020-04-24 北京金汤科技有限公司 Block chain-based secure multi-party computing method, system and storage medium
CN116366231A (en) * 2023-02-22 2023-06-30 北京麦克斯泰科技有限公司 Anti-crawler method and system for protecting website resources based on encryption confusion
CN116776386A (en) * 2023-07-05 2023-09-19 深圳钰丰信息技术有限公司 Cloud service data information security management method and system
CN117439990A (en) * 2023-11-27 2024-01-23 中国工商银行股份有限公司 File transmission method and device based on block chain and decentralization network
CN117714043A (en) * 2023-12-13 2024-03-15 深圳前海微众银行股份有限公司 A voting system, method and device based on blockchain

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10289816B1 (en) * 2018-06-08 2019-05-14 Gsfm Llc Methods, systems, and devices for an encrypted and obfuscated algorithm in a computing environment
CN111064579A (en) * 2019-12-11 2020-04-24 北京金汤科技有限公司 Block chain-based secure multi-party computing method, system and storage medium
CN116366231A (en) * 2023-02-22 2023-06-30 北京麦克斯泰科技有限公司 Anti-crawler method and system for protecting website resources based on encryption confusion
CN116776386A (en) * 2023-07-05 2023-09-19 深圳钰丰信息技术有限公司 Cloud service data information security management method and system
CN117439990A (en) * 2023-11-27 2024-01-23 中国工商银行股份有限公司 File transmission method and device based on block chain and decentralization network
CN117714043A (en) * 2023-12-13 2024-03-15 深圳前海微众银行股份有限公司 A voting system, method and device based on blockchain

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119228393A (en) * 2024-08-21 2024-12-31 湖南三湘银行股份有限公司 A method for protecting supply chain procurement relationship chain data
CN119228393B (en) * 2024-08-21 2025-10-17 湖南三湘银行股份有限公司 Information protection method for supply chain purchasing relationship chain data
CN118827245A (en) * 2024-09-19 2024-10-22 深圳市一航网络信息技术有限公司 A decentralized distributed IM system and method
CN119484037A (en) * 2024-10-24 2025-02-18 华东师范大学 A method for supporting secure transmission and verification of large data files in a cloud environment
CN119450458A (en) * 2024-11-15 2025-02-14 长光卫星技术股份有限公司 A satellite data secure transmission method based on intersatellite link
CN119450458B (en) * 2024-11-15 2025-06-06 长光卫星技术股份有限公司 Satellite data safe transmission method based on inter-satellite link

Similar Documents

Publication Publication Date Title
CN114586313B (en) System and method for signing information
CN115412568B (en) Distributed data transmission methods, devices and systems
CN118282605A (en) Data transmission method and system based on fragmentation obfuscation
CN111786812B (en) Node management method, device, computer equipment and storage medium
CN111066285A (en) Method for recovering public key based on SM2 signature
CN114119021B (en) Image file secure multi-party computing method and system
KR20260041846A (en) (ec)dsa threshold signature with secret sharing
CN116743377B (en) Data processing method, device, equipment and storage medium based on blockchain key
CN114900304A (en) Digital signature method and apparatus, electronic device, and computer-readable storage medium
CN113382002B (en) Data request method, request response method, data communication system, and storage medium
TW202232913A (en) Generating shared keys
CN116032613A (en) Blockchain digital credential exchange method, file storage access method and system
Zhang et al. Efficient auditing scheme for secure data storage in fog-to-cloud computing
CN117880180A (en) Data transmission method, device, equipment, and medium based on financial alliance chain
CN112417489B (en) Digital signature generation method and device and server
WO2022116175A1 (en) Method and apparatus for generating digital signature and server
CN114143098B (en) Data storage method and data storage device
CN116232578A (en) A multi-party cooperative signature system, method and device integrating quantum key distribution
CN111552950B (en) Software authorization method and device and computer readable storage medium
CN117439990A (en) File transmission method and device based on block chain and decentralization network
CN117439755A (en) Multi-party secure communication method and device based on encrypted tunnel
CN116668118A (en) Stateless user data processing method, device and system based on content link
CN119675880B (en) Method, device, equipment, and medium for processing flash sale data based on financial alliance chain
CN116962391A (en) Near transmission method and device based on erasure codes
CN119583087B (en) Encryption tunnel communication method and device with dynamically optimized path

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination